Device Certificate not showing

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Device Certificate not showing

L1 Bithead

Hello Guys,

 

I have problem with device certificate, i have create the device certificate, but is not showing in GUI Palo Alto.

but when i try to import configuration the certificate is showing.

anyone can help me why device certificate is not showing in GUI ?

 

 

14 REPLIES 14

L7 Applicator

Hi @dwi.nur 

After creation, did you see the message that the cert was created successfully? (Successfully generated certificate and key pair...)

Did you maybe create the certificate in a specific vsys and it is not showing in another vsys? What PAN-OS version do you have installed?

L1 Bithead

hi @Remo 

 

yes, the message show  was created successfully.

no, i just have 1 vsys right now, and i'm in PAN-OS 10.05

 

thank you in advance for responding to my post.

 

After generating the certificate, did you check on CLI if the cert is there? When you say it works when you import a configuration, do you import there a full device configuration - with a certificate - or only a partial configuration?

how to check via cli ?
i import from device state configuration.

Connect with SSH and type the following commands:

configure

show shared certificate

 

Whis will show the currently configured certificates.

L1 Bithead

Hello Guys,

 

Same problem with some certificates (inbound decryption) in v8&v9;  

'show shared certificate' shows the certificate, I can select it on the decryption policy but no certificate in the list.

I'm talking with support about it.

 

Regards

L0 Member

Hi Guys,

 

same Problem here. We are using PAN-OS 10.1. When i search it in the global search they show me the vsys1. So i know it is succesfully created, but i cant use it for the Certificate Profile.

 

Has anyone already a solution?

 

Regards

L1 Bithead

What is your device model?

 

L1 Bithead

Hi

 

Are PA-5250.

 

Regards

the command would be > show device-certificate status to check device certificate

L0 Member

Running 10.1.8 - Call me crazy but what seems to be working for me is if I populate the "Certificate Name" field prior to uploading the certificate. When done in this sequence the certificates display in the UI.

IT may be that the certificate created doesnt have a key in it.  Is the KEY section showing a checkmark? That could be your problem.  

Hi @Remo 

 

When i try to generate certificate on shared vsys. Its showing only on vsys 4 not shared. I have created with superuser account. Any solution to create certificate for shared vsys

That did the trick, thanks!

  • 14528 Views
  • 14 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!